Developer Zone | App Store
Home  ›  Marketing & Research

Marketing & Research

The Android Data Leakage Scandal

It’s been a roller coaster week for Android owners as word got out earlier this week that essentially all (99.7%) Android smartphones are leaking login data for Google services, and could allow other access to information stored in the cloud. This claim was made by German security researchers Bastian Könings, Jens Nickels, and Florian Schaub from the University of Ulm. The vulnerability is observed in apps that use the ClientLogin authentication protocol in Android 2.3.3 and earlier. The ClientLogin API is meant to be increase security and performance, because Google’s servers need only check your login information once. Usernames and password are sent once, and thereafter the apps use a token instead.

Lifehacker explains how this vulnerability can be exploited:

Unless your device is one of the 1% with Android 2.3.4, those credentials—for Google Calendar, Twitter, Facebook, and other accounts—are submitted in the clear. This can give attackers access to those accounts if you unwittingly connect to an unencrypted wireless network set up by the attacker.An attacker only needs to set up a Wi-Fi access point with a common SSID name, such as “starbucks” or “attwifi” (an evil twin network), and when your Android phone tries to automatically connect, the hacker can capture the authentication tokens for your accounts.

Then, later in the week, Google announced that it had started rolling out a silent fix. They’ve implemented a server-side patch that will close the security whol for all version of Android. This fix will go out silently, without users having to download or update their apps. The fix should be out by the end of the week, and will force all servers to use an encrypted HTTPS. Obviously, a fix is good for everyone, but it raises concerns about how fast a patch could roll out for a serious security flaw, considering that Google is so reliant on manufacturers and carriers to push out OS updates.

The takeaway here, as a developer, is that it’s important to not rely on an OS for security alone. Both Google and Apple have testified in front of Congress about privacy and their respective platforms. Remember to think about your users and how they value their information. More and more companies are using HTTPS, even Twitter and Facebook have HTTPS features. Privacy and vulnerabilities are serious, hot button issues for the community, so don’t let your app become the next poster child for security issues.

Have any tips or suggestions when it comes to app development and security/privacy? Leave a comment, send an email, or shout on Twitter.

Filed under Marketing & Research

Coffee? No, thanks. I’ll take an app instead.

The Ericsson ConsumerLab has a report out today that shows a third of users reach for their phone and open apps before before they even get out of bed.

On top of that, 18% of consumers are booting up a social networking app before they get up, and 10% are using them on trains, planes, and automobiles while commuting.  34% of consumers are using apps later into the evening, and 20% are using apps instead of counting sheep in bed right before going to sleep.

The graph above shows an interesting change in consumer’s user of the Internet in a constantly connected world. With the increase of availability of tablets, phones, and net books, consumers are moving from using the Internet in ‘chunks’ to using it in smaller spurts reflective on the spontaneity that these new devices allow.

What does this mean for developers? It’s important to be writing apps that allow for that kind of impulsive Internet use. This can mean creating apps that a user can use for shorter periods of time throughout the day, or one with useful push messages that someone can read before they get out of bed. Regardless of what this means to you as a developer, this report is a testament to way that apps are becoming an integral part of people’s lives.

Check out the full survey here.

Filed under Marketing & Research

GetJar releases its App Meter report for Q2 2011

GetJar has just released its App Meter report for Q2 2011. It features an in-depth survey report by GetJar CMO, Patrick Mork.

Filed under Marketing & Research

Want to be the next GetJar+ title?

Since the launch of the GetJar+ program, we have been getting a lot of e-mails from developers and publishers stressing interest in wanting to know more and become involved in the program. For those who don’t know, GetJar+ is an exclusive app marketing package reserved for premium app publishers and GetJar partners. These premium applications are generally exclusives to GetJar for a limited basis or provide exclusive marketing activities to drive traffic to GetJar.

Some past GetJar+ partners include:


The Salvation Army



and Digital Chocolate

If you’re a publisher interested in the GetJar+ program feel free to download the following documents to get a better understanding of the program and to find out what the next step are.

GetJar+ Info

GetJar+ Submission Template

Angry Birds Case Study

Filed under Developer News, GetJar, Marketing & Research, Partners

What’s New!

Here’s some exciting new capability from GetJar:

  • The new GetJar App with Facebook Connect
  • Connect with your friends
  • See what apps are the most popular among friends
  • See the list of all the apps you’ve downloaded while connected to Facebook.
  • When you get a new phone, reconnect and get all your apps
  • Here’s the link:
Filed under Developer News, GetJar, Marketing & Research

A Call for Apps!

App Developers who upload a new app to GetJar’s Developer Zone by Dec 15, 2010 11:59 PM, will be eligible for consideration for one or more of the following perks from GetJar including:
·      Marketing and PR support
·      Inclusion on GetJar’s “Most Wanted” List
·      GetJar+ Placement in the Mobile GetJar Search Results
·      $100 of GetJar PPD Ad credit (click here to learn more)
·      Device Anywhere testing credit
Based on a random drawing: one developer will win an Android eLocity A7 tablet!

Create your account and upload your app or mobile site shortcut today.

Filed under Developer Events, GetJar, Marketing & Research

The Mobile Developer Journey

Cool chart showing the Mobile Developer Journey.  Click on it to see the source story!

The Mobile Developer Journey

Filed under Developer Events, Marketing & Research, Partners

Another article on Android Fragmentation

While this article on Android Fragmentation was originally in Spanish, Google translate does a great job.  Here it is in English

Filed under GetJar, Marketing & Research

Recent Developer Presentations

Thanks to Matt Abdou, the CTO of Androidpreneur, for recording these three presentations.   If there is interest we will edit these to include our slides.

  • Patrick Mork, CMO at the Sprint Developer’s Conference
  • Bruce Jones, Developer Evangelist at the Android Meetup
  • Aaron Kasten, from AndroidSwag at the Android Meetup
Filed under Developer Events, Developer News, GetJar, Marketing & Research, Partners

GetJar increases its reach!

GetJar increases the reach it provides developers today.  AT&T has added the ability for its customers to download apps from GetJar.  Here’s the Reuters article:

AT&T to offer GetJar on phones such as BlackBerry

Here’s the list of all the carriers and manufacturers that offer GetJar apps:

  • AT&T (North America)
  • Sprint (United States)
  • Vodaphone (Ireland, Hungary, South Africa)
  • MNT (South Africa)
  • Cell C (South Africa)
  • 3UK (United Kingdom)
  • Optimus (Portugal)
  • Virgin Mobile (India)
  • Reliance (India)
  • LG (handsets)
  • Sony Ericsson (handsets)
  • and of course: (Everywhere)
Related Posts Plugin for WordPress, Blogger...
Filed under GetJar, Marketing & Research